New machine

I received all the bits for the new machine last week and finally had a few minutes to put them together!

Behold!
New pi & case
New pi & case

Next step is to get the Pi4 to boot from USB.

After that I’m planning on following my friend Alan’s advice and set up Docker/Kubernettes on it.
I want to utilize ansible playlists to automate new machine cloning/setup. I have zero experience with Ansible, but I’ve kinda half-watched 2 Youtube videos on it without taking notes so I’m totes an expert now. It should be fun.

I’d also like to say thanks to Christopher Barnatt for making this video on the Argon One M.2 case! Very informative.
https://www.youtube.com/watch?v=Tgrka088ZFk

New todo list item:

  • Make New machine boot from USB
  • Automate headless install/setup with ansible playlist.

Comment and share

I first installed my current OS over 2 years ago.

I’ve learned on this little server, but I worry the OS is building up a patina of poorly installed crud that I don’t know if I can effectively remove… and definitely can’t in a timely manner.
I must say I am beyond thrilled with the capability of this Raspberry Pi 3. It’s certainly not the fastest thing, but I’ve had zero reliability issues with it and has never failed to do any task I’ve asked of it. knock on wood In the words of Zombocom, “The only limit is myself.” LOL

The Why

  • I found the enclosure & SSD solution I want to go with. I’ve been eyeing various solutions since I first got my Pi, but have kept the pi totally nekkid, uncooled and running on an SD card and USB stick.
  • The SSD solution also requires an upgrade to a Pi4, which includes a sata controller. Beyond that, with everything I’m planning on running, it’s probably a good idea to upgrade for the extra memory if not the processor.

More Why

There’s a ton of stuff that needs to be cleared off the server that would take an eternity to do correctly. It’d be much easier to just start over. For example:

  • Long ago I very-messilly installed and set up Pleroma… apt choked pretty damned badly on erlang installation. It took me more than a week and involved all sorts of shady shenanegans including recompiling libraries from alternate repositories that could have skewed my shared libraries and cruddied up my os in ways that are beyond my understanding.
  • A TURN server is set up on it. The pi doesn’t have an outward facing IP address though, so it’s only usefull for making video calls inside my local network. I have another server that’s much better suited for this.
  • MySQL and Postgres were both installed, then MySQL was mostly uninstalled. I know there are at least users and probably config files lying around somewhere.
  • Yii was installed and tinkered with for some consulting work. Yii is built on PHP, so that was installed and I don’t need that stuff anymore.
  • I set up and installed PeerTube, creating various users for both Postgres (or was it MySQL?) and the OS.
  • Matrix.Org & Synapse was installed. I want to dockerize it.
  • A Minecraft server was installed and ran on it for a while. It may actually still be running for all I know. Havent looked at a readout of ps recently.
  • I set up multiple Hexo installations, but again want to dockerize it. The blogs will be migrated.
  • A Doge miner was set up on it… seems I missed the boat on being able to profitably mine Doge though, so I haven’t done anything with it. I think that’s nicely contained, but I’m not sure.
  • Ponzu is installed, but not functioning yet. I want to dockerize it. I’m unfamiliar with the ways of Go and it seems to be best suited to run in its own user environment, but that’s a PITA and docker would be better anyway.
  • And I think I did a bunch of other stuff, but can’t remember what.

The What

Gonna get these:

I’ll then set it up to boot off the SSD.

More The What

Then I’ll get to installing these:

  • NGINX
  • Fail2Ban
  • Docker
  • Postgres (container)
  • Ponzu (container)Fail2Ban
  • Hexo server (container)
  • NodeRed (container)
  • Home Assistant (container)
  • Influx (container)
  • Grafana (container)

If I can get it working with my XStick by Digi I’ll set that up with home assistant. If not, I’ll try installing webthings gateway (another container!)

My current Pi3B will be put to good use. I want to set up a security camera on my back porch and would love to do some time lapse experiments too.

Mega thanks to these Youtube superstars:

Comment and share

The site’s been down and zero progress has been made for at least a month now. I regret to say the reason is just plain dumb, but I guess it makes sense.

It seems when a mount in the fstab is unmountable raspian decides to boot in some sort of safe mode. This makes it so it doesn’t even get an ip address from the router and is unreachable. I guess this is some sort of security measure… either way it really sucks when the user is unaware of the issue.

The uncool thing about the safe mode boot is that it wants the root password. For security reasons I didn’t set up a root password on my pi. So really this meant I couldn’t modify my server’s fstab using my server.

My other computer is a Windows machine. Windows doesn’t read/write ext4 formatted partitions because Microsoft is a jerkwad and I have no desire to dual boot that machine as it is my livelyhood. I cannot take a day off if Windows and GRUB decide to not play nice, which has happened to me before. I instead had to get a new micro-sd card, flash ubuntu server for raspberry pi on it, boot ubuntu on my flash drive, mount the raspian card on a card reader and modify the fstab in order to get my server to boot.

Of course I didn’t know my server wasn’t booting because of a misconfigured fstab, oh no. Allow me to vent with my long boring story of frustration.

I know that eventually I want this server to boot from an actual hard drive. I want the server to reliably run for years on end, maybe even decades. SD cards are not really meant to host operating systems and have a relatively limited lifespan. So I hooked a cheap spindle drive to the pi and added it to the fstab planning to eventually figure out how to install and boot raspian off it. I hadn’t gotten around to actually putting the drive to any real use yet.

A month or so later I needed a drive I could afford to lose in order to deliver some shots to a client. I knew there was a 50% chance I’d never see the drive again, but I didn’t want to go to the store for a new one and as the drive was unused, I yanked the drive I’d mounted. I didn’t know I needed to update the fstab if I wanted to reboot the pi again.

My server kept running as if nothing was amiss for a few weeks. Then there was a power outage and lo, the pi rebooted.
I had updated my router recently and not thinking something could be wrong with my trusty ol’ pi that had been running just fine for many months, I spent several hours over multiple weekends trying to figure out where the pi was, blaming the new routers configuration. After realizing that the pi’s MAC address definitely wasn’t showing up on the router and every other device was working fine, I figured maybe the pi either overheated or got fried during the power outtage.

After a few more weeks I found time to hook the pi up to a monitor as see if it’s booting at all and wouldn’t you know it was booting; the hardware was fine. The boot was getting hung up on it not finding that useless spindle drive.

So yeah, several hours of debugging and zero progress on the server for over a month because I unhooked a useless drive thinking the pi would just pop a warning up when it was unable to mount it.

New todo list item:

Set up mount calls on boot instead of relying on fstab. Then even if a drive is unmountable at least I’ll be able to log in and figure out what the heck is going on.

Comment and share

I took a couple hours to implement Matrix authorization tokens in the header as posted about previously.
I modified the matrix nginx config to allow the Authorization header.

I’m so happy it’s working!

Todo list items:

  • Finish matrix room io for matrix bot goodness.
  • Incorporate Ponzu CMS!
  • https://github.com/hexojs/hexo-server -monitor file changes and generate pages automatically and hopefully without having to load hexo each update. I think each blog may need its own server.

Comment and share

Just found this page. OMG this is awesome. I’ve been needing this for a while.

https://matrix.org/docs/spec/

I’m especially excited by this bit:

Access tokens may be provided in two ways, both of which the homeserver MUST support:

Via a query string parameter, access_token=TheTokenHere.
Via a request header, Authorization: Bearer TheTokenHere.

Clients are encouraged to use the Authorization header where possible to prevent the access token being leaked in access/HTTP logs.

All the tutorials I’ve been referencing pass the access token via query string which straight up filled me with massive doubts about the security and whorthwhileness of the whole project.

Haven’t had much time to work/research things the past couple weeks. It’s all good stuff, but dang aren’t there a lot of important-but-expensive things that need to happen sometimes. And doesn’t the work-to-pay-for-all-that just suck up all the free time in the world.

New todo list item:

  • https://github.com/hexojs/hexo-server - If I understand correctly, this will monitor file changes and generate pages automatically and hopefully without having to load hexo each update. I think each blog will need its own server, which is a bummer, but might not be a problem.

Comment and share

GlipGlorp

Glip glorp, we got the swirls!

After a couple hours of playing with some fantastic images Alan and I painted a while ago I generated a fun loop.
I hope to expand on this and make something more interesting that could be used as a fun backdrop to a performance.

The swirls!

Comment and share

post

I have spent 4 hours of intensive research and reading and configuring and researching and examining and mending in order to accomplish the following:
Accessing https://www.ouropenbook.org/RUDI/ will return the word ‘DERP’ in all caps.

Time for bed.

Comment and share

  • page 1 of 1

Derick Dressel

author.bio


author.job